What is CVE-2026-13752?

CVE-2026-13752 is a medium-severity vulnerability in Snowflake Cli, classified under SQL Injection. CVSS score: 6.0/10. Published 2026-06-29.

How severe is CVE-2026-13752?

Medium severity. CVSS v3 base score is 6.0 out of 10.

SQL Injection in Snowflake Cli

CVE-2026-13752

Improper neutralization of parameters in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. An attacker could exploit this by supplying crafted values to vulnerable command paths, causing Snowflake CLI to execute uninte…

Vulnerability class: SQL Injection

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N.

Affected products

Snowflake Cli — versions 1.1.0

Weakness classification (CWE)

CWE-89 — SQL Injection

References

412d305a-227d-44f9-a262-a31ba44f2aea

Frequently asked questions

What is CVE-2026-13752?: CVE-2026-13752 is a medium-severity vulnerability in Snowflake Cli, classified under SQL Injection. CVSS score: 6.0/10. Published 2026-06-29.
How severe is CVE-2026-13752?: Medium severity. CVSS v3 base score is 6.0 out of 10.